On Thu, Apr 16, 2015 at 07:44:21AM -0500, Les Mikesell wrote:
> > The issue here really isn't systemd or the PrivateTmp feature but the
> > fact that some applications don't properly distinguish between temporary
> > files and data files.
> Maybe, but if an application wants a private directory for temporary
> files, shouldn't it create and manage that directory itself instead of
> being second-guessed by the default configuration of the OS?

This one I have a clear answer for: no. It's the distribution's job to help regularize application practices, especially when they don't follow good practices for security. Ideally, we work with upstreams on this, but sometimes where it's just a matter of configuration, we choose to exercise options to make everything fit together.

> filesystem. And as far as what the default location should be -
> what would be correct for portable code? Isn't /var/lib/something
> kind of linux-centric? Where can an application expect to be able to
> write?

Linux-centric? Linux/Unix-centric, maybe. I mean, that's not gonna work on VMS or MS Windows — but then, neither is /tmp.

--
Matthew Miller <mattdm@xxxxxxxxxxxxxxxxx>
Fedora Project Leader
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos